For those who don't know what this is is that any communications that go from Apple to your device now go through a third party (Doucli). Doucli filters out any traffic which relates to iCloud locking or simply inserts a different set of communications which can then unlock the device. For anyone who knows how this is done this can be extremely tedious and difficult especially if the defender has taken extensive counter-measures against attack.

If you are interested in possible avenues of attacking it here goes:- preventing it from locking your device should be simple enough. Don't connect it to the Internet and allow it to hook up with Apple servers. Earlier versions of the Doucli hack depend on DNS host file hacking. Later version of Apple software seems to block this behaviour though. Easiest way around this is to setup a layered defense/attack with DNS re-directs occuring at multiple points between you and Apple whether it may be via software (relevant configuration files, virtual machines, containers, etc...) and/or hardware (networking hardware, servers, etc...)- the network/server setup of Apple systems is such that the authentication servers may not be isolated from the store purchases making things slightly more difficult (there are plenty of programs out there to do this). If you must use a second/intermediary system to which downloads music/software and use this to transfer to another system which is never connected online. This allows you to have the benefits of the purchasing online while not having to deal with iCloud authentication issues. Your device can not be locked without relevant identifying information being transferred between yourself and Apple (obviously, if this becomes a widespread means of bypassing iCloud then they'll be counter-measures which are deployed, etc...)- the game keeps on changing. As cracks in the protocol/system are identified attackers and Apple have to continually change the game. If you really want to understand it, you're best trying to understand live packet manipulation and reverse engineering/cracking or DRM systems- I've looked at this and for me the easiest way to attack is via direct hardware if your device is locked. It requires no advance knowledge of the software/protocol and is reliant entirely on the way in which data is stored on the device itself (obviously, this only makes the problem slightly easier to deal with). It's similar to the way in which firmware reset mode works on embedded devices such as eBooks and to the way in which bypass is achieved in physical security systems. The only troubling thing may access. They're BGA! Realistically this could mean that this type of attack is neigh on impossible (I think it may be possible though. When I have dead hardware lying around I often play around with it. A single copper fibre and the right type of signal/voltage may be enough to create the type of data corruption that I require). Effectively, the type of attack that I envisage revolves around storage corruption. Since, everything is stored via a combination of encrypted keys at multiple layers my belief is that destroying/corrupting the storage and restoring iOS clean and bypassing Apple servers is easier than engaging in a continual race against Apple (making the assumption that restoration of iOS can be completed independently of iCloud lock checking)http://dtbnguyen.blogspot.com/2012/07/if-only-reading-were-easier.htmlhttp://dtbnguyen.blogspot.com/2012/08/funky-firmware.htmlhttp://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdfhttps://www.ifixit.com/Answers/View/192220/Is+it+possible+to+transfer+NAND+Flash+from+iPhone+to+anotherhttp://www.datarecovery.net/newsletters/what-kills-flash-drive.htmlToshiba THGBX2G7B2JLA01 16 GB NAND FlashSK Hynix H2JTDG8UD1BMR 16 GB NAND Flash- clearly, I'm working on the premise that attacking hardware is easier than attacking software since it is more difficult to change. To change the pin-out structure on a single chip requires re-tooling on a mass scale for chips that may also be used in other devices making it un-economical for both Apple and flash chip manufacturers to engage in. Once a design is out there, we can just figure it out and it should work across that entire design specification/model though... Of course, this could be somewhat of a moot point because a lot of Apple devices aren't easily upgradeable, change layout on each iteration, etc...- another type of attack revolves around changing identifying information on the device and then clearing iOS. That said, you don't know whether or not Apple may have some sort of unique/class based identification system which may block non-Apple identified systems from accessing their servers. Either way, it requires a second system to act as an intermediary- insider at Apple who removes gives you a 'clean sheet'- that said, much of what I'm saying here is theoretical. I don't have access to an iPod/iPad at the moment so I don't know The best I've been able to manage are online teardownshttp://www.techhive.com/article/116572/article.htmlhttp://superuser.com/questions/616033/are-unpowered-ssds-vulnerable-to-an-emp-shockhttp://www.survivalistboards.com/showthread.php?t=72855http://electronics.stackexchange.com/questions/36921/does-magnetism-affect-sd-cardshttps://en.wikipedia.org/wiki/Flash_memory

ISBN: 9781743519103LibraryThingWritten by a Victoria Cross recipient, this is the true story of a messed up kid who made something of himself. Mark's dad died of cancer when he was young, and his mum was murdered. Mark then went through a period of being a burden on society, breaking windows for fun and generally being a pain in the butt. But then one day he decided to join the army...

This book is very well written, and super readable. I enjoyed it a lot, and I think its an important lesson about how troubled teenagers are sometimes that way because of pain in their past, and can often still end up being a valued contributor to society. I have been recommending this book to pretty much everyone I meet since I started reading it.

The kids at coding club have decided that we should write an implementation of pong in python. I took a look at some options, and decided tkinter was the way to go. Thus, I present a pong game broken up into stages which are hopefully understandable to an 11 year old: Operation Terrible Pong.

On a particularly cold Saturday morning a couple of years ago, my mobile phone couldn’t get any signal for a few hours. But I didn’t really care, because I had breakfast to eat, animals to feed, and nobody I urgently needed to talk to at the time. Also it came good again shortly after midday.

The following week the same thing happened, but for rather longer, i.e. well into the evening. This was enough to prompt me to use my landline to call Optus (our mobile phone provider) and report a fault. The usual dance ensued:

“Have you tried turning it off and on again?”
“Yes.”
“Have you tried a different handset?”
“Yes.”
“A different SIM?”
“Yes.”
“Holding the phone in your other hand?”
“Yes.”
“Sacrificing a lamb to the god Mercury?”
“Yes.”

I might be misremembering the details of the conversation, but you get the idea. Long story short, I got a fault lodged.

Later I received a call – on my mobile – asking if my mobile was working again. “Indeed it is, and you wouldn’t have been able to make this call if it wasn’t”, I replied. Then I asked what the problem had been. “Let me check”, said the support person. “Uhm… It says here there was… 100mm of ice on the local tower.”

Flash forwards to a couple of days ago, when snow fell down to sea level for the first time since 2005, and my mobile phone was dead again. I can only assume they haven’t solved the icing problem, and that maybe the local NBN fixed wireless tower suffers from the same affliction, as that was dead too for something like 24 hours.

The launchpad API docs are OMG terrible, and it took me way too long to work out how to do this, so I thought I'd document it for later. Here's how you list all the open bugs in a launchpad project using the API:

There’s a significant debate going on at the moment in the Bitcoin world; there’s a great deal of information and misinformation, and it’s hard to find a cogent summary in one place. This post is my attempt, though I already know that it will cause me even more trouble than that time I foolishly entitled a post “If you didn’t run code written by assholes, your machine wouldn’t boot”.

The Technical Background: 1MB Block Limit

The bitcoin protocol is powered by miners, who gather transactions into blocks, producing a block every 10 minutes (but it varies a lot). They get a 25 bitcoin subsidy for this, plus whatever fees are paid by those transactions. This subsidy halves every 4 years: in about 12 months it will drop to 12.5.

Full nodes on the network check transactions and blocks, and relay them to others. There are also lightweight nodes which simply listen for transactions which affect them, and trust that blocks from miners are generally OK.

A normal transaction is 250 bytes, and there’s a hard-coded 1 megabyte limit on the block size. This limit was introduced years ago as a quick way of avoiding a miner flooding the young network, though the original code could only produce 200kb blocks, and the default reference code still defaults to a 750kb limit.

In the last few months there have been increasing runs of full blocks, causing backlogs for a few hours. More recently, someone deliberately flooded the network with normal-fee transactions for several days; any transactions paying less fees than those had to wait for hours to be processed.

There are 5 people who have commit access to the bitcoin reference implementation (aka. “bitcoin-core”), and they vary significantly in their concerns on the issue.

The Bitcoin Users’ Perspective

From the bitcoin users perspective, blocks should be infinite, and fees zero or minimal. This is the basic position of respected (but non-bitcoin-core) developer Mike Hearn, and has support from bitcoin-core ex-lead Gavin Andresen. They work on the wallet and end-user side of bitcoin, and they see the issue as the most urgent. In an excellent post arguing why growth is so important, Mike raises the following points, which I’ve paraphrased:

Currencies have network effects. A currency that has few users is simply not competitive with currencies that have many.

A decentralised currency that the vast majority can’t use doesn’t change the amount of centralisation in the world. Most people will still end up using banks, with all the normal problems.

Growth is a part of the social contract. It always has been.

Businesses will only continue to invest in bitcoin and build infrastructure if they are assured that the market will grow significantly.

Bitcoin needs users, lots of them, for its political survival. There are many people out there who would like to see digital cash disappear, or be regulated out of existence.

At this point, it’s worth mentioning another bitcoin-core developer: Jeff Garzik. He believes that the bitcoin userbase has been promised that transactions will continue to be almost free. When a request to change the default mining limit from 750kb to 1M was closed by the bitcoin lead developer Wladimir van der Laan as unimportant, Jeff saw this as a symbolic moment:

Mike Hearn has a fairly apocalyptic view of what would happen if blocks fill. That was certainly looking likely when the post was written, but due to episodes where the blocks were full for days, wallet designers are (finally) starting to estimate fees for timely processing (miners process larger fee transactions first). Some wallets and services didn’t even have a way to change the setting, leaving users stranded during high-volume events.

It now seems that the bursts of full blocks will arrive with increasing frequency; proposals are fairly mature now to allow users to post-increase fees if required, which (if all goes well) could make for a fairly smooth transition from the current “fees are tiny and optional” mode of operation to a “there will be a small fee”.

But even if this rosy scenario is true, this begs the question of how high fees can become before bitcoin becomes useless. 1c? 5c? 20c? $1?

So What Are The Problems With Increasing The Blocksize?

In a word, the problem is miners. As mining has transitioned from a geek pastime, semi-hobbyist, then to large operations with cheap access to power, it has become more concentrated.

The only difference between bitcoin and previous cryptocurrencies is that instead of a centralized “broker” to ensure honesty, bitcoin uses an open competition of miners. Given bitcoin’s endurance, it’s fair to count this a vital property of bitcoin. Mining centralization is the long-term concern of another bitcoin-core developer (and my coworker at Blockstream), Gregory Maxwell.

Control over half the block-producing power and you control who can use bitcoin and cheat anyone not using a full node themselves. Control over 2/3, and you can force a rule change on the rest of the network by stalling it until enough people give in. Central control is also a single point to shut the network down; that lets others apply legal or extra-legal pressure to restrict the network.

What Drives Centralization?

Bitcoin mining is more efficient at scale. That was to be expected[7]. However, the concentration has come much faster than expected because of the invention of mining pools. These pools tell miners what to mine, in return for a small (or in some cases, zero) share of profits. It saves setup costs, they’re easy to use, and miners get more regular payouts. This has caused bitcoin to reel from one centralization crisis to another over the last few years; the decline in full nodes has been precipitous by some measures[5] and continues to decline[6].

Consider the plight of a miner whose network is further away from most other miners. They find out about new blocks later, and their blocks get built on later. Both these effects cause them to create blocks which the network ignores, called orphans. Some orphans are the inevitable consequence of miners racing for the same prize, but the orphan problem is not symmetrical. Being well connected to the other miners helps, but there’s a second effect: if you discover the previous block, you’ve a head-start on the next one. This means a pool which has 20% of the hashing power doesn’t have to worry about delays at all 20% of the time.

If the orphan rate is very low (say, 0.1%), the effect can be ignored. But as it climbs, the pressure to join a pool (the largest pool) becomes economically irresistible, until only one pool remains.

Larger Blocks Are Driving Up Orphan Rates

Large blocks take longer to propagate, increasing the rate of orphans. This has been happening as blocks increase. Blocks with no transactions at all are smallest, and so propagate fastest: they still get a 25 bitcoin subsidy, though they don’t help bitcoin users much.

Many people assumed that miners wouldn’t overly centralize, lest they cause a clear decentralization failure and drive the bitcoin price into the ground. That assumption has proven weak in the face of climbing orphan rates.

And miners have been behaving very badly. Mining pools orchestrate attacks on each other with surprising regularity; DDOS and block withholding attacks are both well documented[1][2]. A large mining pool used their power to double spend and steal thousands of bitcoin from a gambling service[3]. When it was noticed, they blamed a rogue employee. No money was returned, nor any legal action taken. It was hoped that miners would leave for another pool as they approached majority share, but that didn’t happen.

If large blocks can be used as a weapon by larger miners against small ones[8], it’s expected that they will be.

More recently (and quite by accident) it was discovered that over half the mining power aren’t verifying transactions in blocks they build upon[4]. They did this in order to reduce orphans, and one large pool is still doing so. This is a problem because lightweight bitcoin clients work by assuming anything in the longest chain of blocks is good; this was how the original bitcoin paper anticipated that most users would interact with the system.

The Third Side Of The Debate: Long Term Network Funding

Before I summarize, it’s worth mentioning the debate beyond the current debate: long term network support. The minting of new coins decreases with time; the plan of record (as suggested in the original paper) is that total transaction fees will rise to replace the current mining subsidy. The schedule of this is unknown and generally this transition has not happened: free transactions still work.

The block subsidy as I write this is about $7000. If nothing else changes, miners would want $3500 in fees in 12 months when the block subsidy halves, or about $2 per transaction. That won’t happen; miners will simply lose half their income. (Perhaps eventually they form a cartel to enforce a minimum fee, causing another centralization crisis? I don’t know.)

It’s natural for users to try to defer the transition as long as possible, and the practice in bitcoin-core has been to aggressively reduce the default fees as the bitcoin price rises. Core developers Gregory Maxwell and Pieter Wuille feel that signal was a mistake; that fees will have to rise eventually and users should not be lulled into thinking otherwise.

Mike Hearn in particular has been holding out the promise that it may not be necessary. On this he is not widely supported: that some users would offer to pay more so other users can continue to pay less.

It’s worth noting that some bitcoin businesses rely on the current very low fees and don’t want to change; I suspect this adds bitterness and vitriol to many online debates.

Summary

The bitcoin-core developers who deal with users most feel that bitcoin needs to expand quickly or die, that letting fees emerge now will kill expansion, and that the infrastructure will improve over time if it has to.

Other bitcoin-core developers feel that bitcoin’s infrastructure is dangerously creaking, that fees need to emerge anyway, and that if there is a real emergency a blocksize change could be rolled out within a few weeks.

At least until this is resolved, don’t count on future bitcoin fees being insignificant, nor promise others that bitcoin has “free transactions”.

As authorized representative in the resolution of IT security incidents
affecting Banesco Banco Universal, C.A., we demand the deletion of the
content related to Banesco Banco Universal, C.A, clients. This content
violates the law about electronic crime in Venezuela (see “Ley Especial
sobre Delitos Informáticos de Venezuela”, Chapter III, Articles 20 y 23).

Note the complete lack of any information regarding what URLs, or even which
site(s), they consider to be problematic. Nope, just “delete all our
stuff!” and a wave of the “against the law somewhere!” stick.

ISBN: 1447290496LibraryThingI don't read as much as I should these days, but one author I always make time for is John Scalzi. This is the next book in the Old Man's War universe, and it continues from where The Human Division ended on a cliff hanger. So, let's get that out of the way -- ending a book on a cliff hanger is a dick move and John is a bad bad man. Then again I really enjoyed The Human Division, so I will probably forgive him.

I don't think this book is as good as The Human Division, but its a solid book. I enjoyed reading it and it wasn't a chore like some books this far into a universe can be (I'm looking at you, Asimov share cropped books). The conclusion to the story arc is sensible, and not something I would have predicted, so overall I'm going to put this book on my mental list of the very many non-terrible Scalzi books.

We’ve finally had time to finalise Korora 22 and images are now available. I strongly recommend downloading with BitTorrent if you can.

We are not shipping Adobe Flash by default from 22 onwards, due to consistent security flaws. We still include the repository however, so users can install via the package manager or command line if they really want it:

sudo dnf install flash-plugin

Alternatively, install Google Chrome which includes the latest version of Flash.

Also, KDE 4 is not available for this release, so if you are not ready to move to KDE 5, then please stick to Korora 21.

The list of available wifi channels
is slightly different from country to country. To ensure access to the
right channels and transmit power settings, one needs to set the right
regulatory domain in the wifi stack.

Linux

For most Linux-based computers, you can look and change the current
regulatory domain using these commands:

where wireless.radio0 and wireless.radio1 are the wireless devices
specific to your router. You can look them up using:

uci show wireless

To test that it worked, simply reboot the router and then look at the
selected regulatory domain:

iw reg get
Scanning the local wifi environment

Once your devices are set to the right country, you should scan the local
environment to pick the least congested wifi channel. You can use the
Kismet spectools (free software)
if you have the hardware, otherwise
WifiAnalyzer
(proprietary) is a good choice on Android (remember to manually set the
available channels in the settings).